Техническая информация
- '%TEMP%\zwlib.exe'
- '<SYSTEM32>\wsqmcons.exe'
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '<SYSTEM32>\taskhost.exe' $(Arg0)
- '<SYSTEM32>\sc.exe' start w32time task_started
- '<SYSTEM32>\sdclt.exe' /CONFIGNOTIFICATION
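Окна утилит мониторинга и отладки (Process Monitor, Registry Monitor, File Monitor, OLLYDBG), по которым, судя по списку, выполняется проверка окружения (пары ClassName / WindowName):
- ClassName: '(null)' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'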
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: '(null)'
- ClassName: 'OLLYDBG' WindowName: '(null)'
- ClassName: 'FilemonClass' WindowName: '(null)'
- ClassName: 'pediy06' WindowName: '(null)'
- C:\ProgramData\Microsoft\RAC\Temp\sql8065.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql80B4.tmp
- %TEMP%\zwlib.exe
- <SYSTEM32>\sensdll.dll
- %TEMP%\zwlib.exe
- из <SYSTEM32>\sensdll.dll в <SYSTEM32>\sensini.dll
- DNS ASK ti##.#indows.com
- 'ti##.#indows.com':123
- ClassName: '18467-41' WindowName: '(null)'